Category FILE
Started On 2014-07-10 03:33:08
Completed On 2014-07-10 03:35:00
Duration 112 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-10 03:33:08
Shutdown On 2014-07-10 03:35:00

File Details

File name report_id_875893475983475934759384.exe
File size 117760 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 1F2DDB79
MD5 c8d1cab54b7c6222fdf7e816073b7e5d
SHA1 63d8bdec8e3b96ae73c9e97d3b585f87c369b7d2
SHA256 271ae00036319ea40383cd64651a6768ab9822302843fb832c82eac15785071e
SHA512 26f9f1a94955dc5d5ed1abc623f5dd0d66c55396470d8d0ac3aaff385690bf199906f8edcaa26b30c6efeef46347da99d097eb4caacd8d5311a6639e7068868b
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2014-07-10 07:31:42
Detection Rate: 2/53

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious
Installs itself for autorun at Windows startup

Screenshots

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

report_id_875893475983475934759384.exe PID: 492, Parent PID: 388

Volatility

Nothing to display.